package com.order.server.resources;

import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
//import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
//import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

//@Configuration
//@EnableResourceServer//本身是作为oauth作为资源服务器存在的
public class OAuth2ResourceServerConfig
//        extends ResourceServerConfigurerAdapter
{
    /**
     * 除了haha这个请求，其他的请求都要身份认证
     * @param http
     * @throws Exception
     */
//    @Override
//    public void configure(HttpSecurity http) throws Exception {
//        http.authorizeRequests()
//                .antMatchers("/haha").permitAll()
//                .antMatchers(HttpMethod.POST).access("#oauth2.hasAnyScope('write')")
//                .antMatchers(HttpMethod.GET).access("#oauth2.hasAnyScope('read')");
//    }
//
//    @Override
//    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
//        resources.resourceId("order-service");//对应认证服务器resourceIds配置
//    }
}
